TSP Workshop

Title: Operating System Mechanisms for TPM-Based Lifetime Measurement of Process Integrity

Author(s): Xiao Li, Renmin University of China; Wenchang Shi, Renmin University of China; Zhaohui Liang, Renmin University of China; Bin Liang, Renmin University of China; Zhiyong Shan, Renmin University of China

Abstract: Implementing runtime integrity measurement in an acceptable way is a big challenge. We tackle this challenge by developing a framework called Patos. This paper discusses the design and implementation concepts of our operating system mechanisms for runtime process integrity measurement, which are an important part of the Patos framework and are named Patos-RIP. Patos-RIP is built into the mainstream Linux operating system and uses the TPM as hardware support for tamper resistance. From the moment a process is created to the moment it dies, Patos-RIP conducts integrity measurement at appropriate points in time while the process runs, so as to ensure that the integrity of the process is not compromised during its whole lifetime. In this way, Patos-RIP can improve the trustworthiness of processes by effectively detecting runtime tampering attacks on processes' integrity.